Table 2 Framework for privacy design, development cycles and levels
From: Making context the central concept in privacy engineering
Development cycle | 1st | 2nd | 3rd |
|---|---|---|---|
Key aspect | Context (semantic development) | Trusted processes (organisational development) | Proof of concept (technical development) |
Policy/legal level | (Not included) | What trust regime would integrate all interoperability levels? | How to engage policy level in development? |
Organisational level | Process idea: Privacy as negotiation expressed in data sharing policies and executed by smart contracts. ML plays role in relieving the user of privacy tasks. | What process integrates institutional and company privacy policies, data sharing policies, and executable scripts regulating data streams? What role will ML play? | What application scenarios could change current practice without jeopardising the CI approach? |
Semantic level | Privacy decisions triggered by events activating contextual knowledge. Data sharing policy. | Any new concepts needed? | Any new concepts needed? |
Technical level | Modular application scenario | How to orchestrate a suite of semantic technologies that are able to transform privacy knowledge between levels (national judiciary domain, institutional domain, personal domain, tools, contracts)? | What series of self-contained and useful apps could be developed that proves key ideas of overall solution? Alert app, monitoring activity and triggering reflection on privacy? Self-storage solutions, moving data sharing control more towards user? Negotiation simulation app, using context trigger data and privacy policy ontologies. |